<?php 
class User extends Module {
    private $logined = false;
    private $is_admin = false;
    private $user_id = 0;
    private $positions = array();
    private $position_ids = array();
    
    private $username = '';
    private $password = '';
    private $error = '';
    
    
    public function logined() {
        if ( ! isset($_SESSION)) {
            session_start();
        }
        if ( ! $this->logined) {
            if (isset($_SESSION['user_id'])) {
                $this->user_id = (int) $_SESSION['user_id'];
                $this->logined = true;
            }
        }
        return $this->logined;
    }
    
    
    public function is_admin() {
        return $this->is_admin;
    }
    
    
    public function get_user_id() {
        return $this->user_id;
    }
    
    
    public function get_position_ids() {
        return $this->position_ids;
    }
    
    
    /* --- Action Start --- */
    public function act_login() {
        if ($this->_login()) {
            $this->_redirect();
            return;
        } else {
            $data = array();
            $data['http_referer'] = $this->_get_http_referer();
            $data['username'] = $this->username;
            if ($this->error) 
                $data['error'] = $this->error;
            $out = out();
            $out->add_title('Login');
            $out->add_block($this->view('user/login', $data));
        }
    }
    
    
    public function act_logout() {
        if (isset($_SESSION)) {
            unset($_SESSION['user_id']);
            session_destroy();
        }
        tos_redirect();
    }
    /* --- Action End --- */
    
    
    
    // --- block start
    public function block_user_options() {
        return $this->view('user/options');
    }
    // --- block end
    
    
    // --- private functions start
    private function _login() {
        if ($this->logined()) {
            return true;
        }
        
        $logined = false;
        $username = '';
        $password = '';
        $error = '';
        
        
        if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
            $username = tos_http_post('username');
            $password = tos_http_post('password');
            if ( ! empty($username) && ! empty($password) && $user_id = $this->model('user')->authenticate($username, $password)) {
                $_SESSION['user_id'] = $user_id;
                $logined = true;
            } else {
                $error = 'Username or password is not right.';
            }
        }
        $this->username = $username;
        $this->logined = $logined;
        $this->error = $error;
        return $logined;
    }
    
    
    private function _get_http_referer() {
        if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
            return '';
        }
        
        if ($http_referer = tos_http_post('http_referer')) {
            return $http_referer;
        }
        
        if (isset($_SERVER['HTTP_REFERER'])) {
            return $_SERVER['HTTP_REFERER'];
        }
        
        return '';
    }
    
    
    private function _redirect() {
        $http_referer = $this->_get_http_referer();
        
        if (empty($http_referer)) {
            //m('app')->redirect();
            tos_redirect();
            exit();
        }
        $p = parse_url($http_referer);
        $host = $p['host'];
        $path = isset($p['path']) ? trim($p['path'], ' /') : '';
        $base_url = $host;
        if ( ! empty($path)) {
            $base_url .= $path;
        }
        
        $app = m('app');
        if ($base_url == $app->get_base_url()) {
            $query = isset($p['query']) ? trim($p['query']) : '';
            if ( ! empty($query)) {
                $params = array();
                parse_str($query, $params);
                if ($params) {
                    $m = isset($params['m']) ? trim($params['m']) : '';
                    $a = isset($params['a']) ? trim($params['a']) : '';
                    if ( ! empty($m) && ! empty($a) && $m != 'user' && $a != 'login') {
                        //$app->redirect($params);
                        tos_router_redirect($params);
                    }
                }
            }
        }
        
        
        
        tos_redirect();
    }
    // private functions end --- 
}
?>